mikluko/logcheck_ssh

## logcheck_ssh
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Set /proc/self/oom_adj to [[:digit:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Connection from [:[:xdigit:].]+ port [[:digit:]]{1,5}$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Found matching (RSA|DSA) key: [[:xdigit:]:]{47}$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Failed publickey for [[:alnum:]]+ from [:[:xdigit:].]+ port [[:digit:]]{1,5} ssh2$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Read error from remote host [.[:xdigit:]:]+: Connection timed out$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: User child is on pid [[:digit:]]{1,5}$
	^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Set /proc/self/oom_adj to [[:digit:]]+$
	^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Connection from [:[:xdigit:].]+ port [[:digit:]]{1,5}$
	^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Found matching (RSA\|DSA) key: [[:xdigit:]:]{47}$
	^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Failed publickey for [[:alnum:]]+ from [:[:xdigit:].]+ port [[:digit:]]{1,5} ssh2$
	^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Read error from remote host [.[:xdigit:]:]+: Connection timed out$
	^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: User child is on pid [[:digit:]]{1,5}$